Password protection is an access control technique that helps keep important data safe from hackers by ensuring it can only be accessed with the right credentials.

There are two types of authentication.

Single-factor authentication (SFA) - Only one form of Authentication required/provided.

Multi-factor authentication (MFA) - More than one form of Authentication required/provided.

Knowledge-based authentication uses a passphrase or secret code to gain access and as we all know is the most common form of verification around the world, but we are becoming increasingly aware of how prone this is to a variety of attacks and so the rise of Multi-factor authentication hardens this process.

A common example of a "something you have" is a token this can be a digital token texted to your phone after you enter your password correctly.

A common example of a "something you are" is a location/IP address and it will ask for more verification if you try logging in from a different location. Another common example is fingerprint or facial recognition on your phone to open an App.

Authentication

It is important to confirm that users are the legitimate owners of whatever identities they have claimed. Authentication is the process of confirming or proving the user's identity. Authentication, expressed simply, is the process of establishing the legitimacy of the user.

Three techniques of authentication are frequently used:

Something you know: Passwords or paraphrases

Something you have: Tokens, memory cards, smart cards

Something you are: Biometrics , measurable characteristics

#ISC2

Non Repudiation

Non-repudiation is a legal term and is defined as the protection against an individual falsely denying having performed a particular action. It provides the capability to determine whether a given individual took a particular action, such as created information, approved information or sent or received a message.
#ISC2